Books For Agents
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: books-for-agents Version: 0.1.0 The skill bundle defines tools for interacting with an external 'books-for-agents' knowledge base. The `SKILL.md` instructs the AI agent to add an MCP server at `https://booksforagents.com/mcp` and then use various tools (e.g., `search_books`, `get_book`, `submit_book`) to manage book summaries. While connecting to an external domain and submitting content via `submit_book` could theoretically be misused in a supply chain attack or with a malicious prompt, the skill itself contains no explicit instructions for data exfiltration, malicious execution, persistence, or any other harmful behavior. All instructions are clearly aligned with the stated purpose of managing book summaries, and there is no evidence of intentional malice or prompt injection attempts against the agent to perform unauthorized actions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could publish unwanted, inaccurate, or low-quality generated content to the shared knowledge base.
This exposes a direct publishing action and frames it as the next step after generation, but the artifact does not require explicit user approval, explain moderation, or describe rollback.
Use `submit_book` to publish a generated summary directly to the knowledge base. Call this after generating content with `generate_book`.
Make read-only search the default, require explicit user confirmation before `suggest_book` or `submit_book`, and document moderation and rollback behavior.
If the remote tool returned unsafe or off-task instructions, the agent might over-trust them during content generation.
The skill asks the agent to follow instructions returned from a remote MCP tool. This is purpose-aligned for formatting book summaries, but remote instructions should not be treated as higher-priority behavioral instructions.
When generating a book, follow the template and instructions returned by `generate_book` exactly.
Treat returned instructions as formatting/content guidance only, and ignore any tool-returned instruction that changes user intent, privacy expectations, or tool-use permissions.
Users must decide whether they trust the remote service without much registry-level provenance information.
The skill relies on a remote MCP service but the provided metadata does not identify a source repository or homepage for users to verify provenance.
Source: unknown; Homepage: none
Provide a verifiable homepage or repository and document who operates the MCP endpoint.
Book queries, suggested titles, and generated summary text may be visible to the external service.
The skill connects the agent to an external MCP provider; search queries and submitted summary content are sent outside the local environment. This is disclosed and aligned with the purpose.
claude mcp add --transport http books-for-agents https://booksforagents.com/mcp
Avoid sending private or sensitive material unless you trust the service and understand its retention and publication policies.